GDPR and Data Protection Officer

September 10, 2019 posted by


When the general data protection
regulation comes into force on May 25th of 2018. Certain organizations will be
required to have a data protection officer. Some organizations may choose to
have a DPO even where it’s not mandated, they need to be conscious of the fact
that where you do choose to have a DPO you’ll be required that that person will
do the same things as if it was mandatory, so that does restrict you a
little bit. Other organizations might choose to have a privacy officer I
suppose what fear is it’s going to be very difficult to maintain compliance
and be accountable for GDPR unless you have somebody at the center who’s doing
a lot of activity around it. Whether that person is the DPO or a privacy officer. You
may have some conversations about types of activity that this person will need
to do is, well they’re going to be your key point of contact both within the
organization for training and communication with staff, with your data
subjects in the event of a complaint or subject access requests and with the
regulator in the event that you’ve had some sort of event or the regulator
wants to challenge you on your compliance. The data protection officer needs to have a very broad range of skills. Unfortunately it’s going to be a
big challenge there you know they need IT security, information security,
operations, GDPR knowledge, training, communication with regulator. It’s a very
broad role legal background, technical background, operations background and
many organizations will struggle to attract and retain a person or people or
a team of people that can operate at this level and justify the cost of doing
so. The reality is right now GDPR is just a document. We don’t know how it’s
going to be regulated. We don’t know what case law is going to define how its
interpreted and it’s only when those decisions are made that we’ll be in a
position to fully understand GDPR and that’s going to continue to
develop over 2018-2019 and perhaps beyond. Mazars have been providing
outsourced BPO services to our northern European clients over
the last 10 years. It’s a very mature market. We’ve now moved that service into Ireland and customized it with the Irish market. We’re talking to our clients
right now about the need they may have for it and we are very excited about that.

No Comments

Leave a Comment

Your email address will not be published. Required fields are marked *